- From: Dave Longley <dlongley@digitalbazaar.com>
- Date: Sat, 11 Jun 2016 12:56:10 -0400
- To: David Chadwick <d.w.chadwick@kent.ac.uk>, public-credentials@w3.org
On 06/11/2016 07:27 AM, David Chadwick wrote: > > > It would appear to be so from the cat example that Dave gave (that > unfortunately has been cut out of your reply), in which the cat has two > different profiles but the same ID (because it refers to the same cat). > I think this is the wrong design, because we have now created > linkability between two separate profiles (or pseudonyms) that I might > have sent to two different relying parties. By using a common ID for two > different identity profiles we produce a correlation handle for the > relying parties. There are multiple use cases we want to support. One of them involves the ability to share a common identity with multiple parties. That doesn't mean that you *must* do this, it just means that you can. There are also cases where you should be able to have the unlinkability characteristics you mention, which can be implemented in a variety of different ways. I believe a layered approach will work here. I will reiterate though that the trust characteristics, disincentives for fraud, and infrastructure needs can be much more complicated in the unlinkable use cases. -- Dave Longley CTO Digital Bazaar, Inc.
Received on Saturday, 11 June 2016 16:56:37 UTC